Open is the New Closed

[Android, Symbian, LiMo, Qt, WebKit… all open source projects, but how really open are they? Research Director Andreas Constantinou explains the differences between open source licenses and governance models and why governance is so misunderstood yet important in assessing true openness]

Openness is a much-misunderstood word; a kind of good-will moniker to which people attach an impressive variety of definitions; open source code, open standards, open handsets, openness as in transparency, shared roadmaps, open APIs, open route to market… It’s a very forgiving term as far as definitions go.

One of the industry’s favourite facets of openness is of course open source. For the past three years we ‘ve researching open source here at VisionMobile, partly because of our training course, and partly out of a drive to understand what this all means for the industry.

Lots of software vendors and consortia have embraced open source in some form or other; Symbian Foundation, LiMo Foundation, OHA/Android, Nokia Qt, Nokia Maemo, WebKit, GTK, Eclipse IDE, Sun phoneME and Funambol are the main efforts that have hit the limelight.

So what is open source ?
Open source licensed software carries four basic freedoms; the right to access (source code), modify, distribute and contribute to the software. These freedoms have been embodied in the key licenses – GPL, LGPL, APL, EPL, MPL, BSD and MIT – which are used in the vast majority of open source projects. The licenses in turn determine the rights and obligations that use of the source code carries. Unsurprisingly, strong copyleft licenses (read: GPL) are rarely used in mobile products, due to the OEM concerns for downstream liabilities.

But what’s often missed in open source discussions is how open source licenses tell only half the story.

Licenses typically govern control of the source code. But in the mobile industry, source code and products are two very different things. For example; while you can play with Android source code to your heart’s content, are the latest code check-ins publicly visible ? You can peak at Symbian Foundation’s EPL-licensed source code, but who arbitrates what changes go into Symbian? You can buy a LiMo-compliant handset, but as a LiMo member can you expect LiMo handsets to ship with your source code contributions ? You can create your own WebKit-based browser, but why is it so difficult to get your contributions back into the ‘tip of the tree’?

It turns out there’s often no ‘official’ answer to these questions, and when there is, the answer is a resounding No. Indeed, there are 10s of questions you could be asking to these â€˜open’ projects or products, and none of these is within the bounds of the open source software license; they are in the small print or what’s known as the governance model.

We ‘ve long been tracking the who’s who of mobile open source; what’s most interesting is how the popular open source projects (Android, Symbian, LiMo et al) map in terms of the spectrum of licenses and governance models. We ‘ve done that as part of our training course, and you can peek at the summary in the next chart:

The picture that emerges is one where :
– open source licenses (the large print that covers source control) are widely used, converged and well understood, while
– governance models (the small print that governs product control) are proprietary, diverging and poorly understood

Governance models can be simplified to indicate the democracy of influence on an open source product; on one end of the spectrum are autonomous communities where opinion leaders influence the direction of the product (see Linux), while on the other end are single-sponsor communities where the product roadmap is influenced by a single company.

In reality, things are much more complicated. There have been many attempts at classifying governance models (most notably the work of West and O’Mahony), but there is really no universal dictionary, no certification body, and an excessive amount of ‘openness’ marketing hype to help obscure rather than enlighten the mobile industry.

Governance models are in effect multi-dimensional; how do you control access to a product, determine influence mechanisms, or manage IP rights? Here’s a few questions you should be asking to assess the openness of a product’s governance model (in particular, think Android, Symbian and LiMo when asking these questions):
– Are code check-ins publically accessible (and on a realtime basis) ?
– Is the product roadmap publically available (and how far does it stretch) ?
– Are any of the above accessible to members only ? Are there any fees or contractual commitments (NDAs, etc) required for members?
– Who has access to check-in code (and what is the process for check-ins) ?
– What is the arbitration process in case there is a conflict between two contributions to the source code ?
– Who has the authority to release code and binaries (and how is the release schedule determined)?
– Who gets to decide if a contributed component is optional or mandatory (downstream influence)?
– How is the roadmap formed ? What is the process and who has voting rights ?
– Are IP rights (patents, copyrights, etc) of contributions maintained or automatically transferred?
– Are there any support implications for parties who contribute source code ?
– Are there any safe harbour provisions for contributors to the source code ?

What this industry needs is not more marketing hype, but more education and clarity on governance models, and a benchmark – an openness index – for determining the true transparency of an open source product, and for pushing the corporate sponsors to play fair. We have been quietly working towards developing an openness index and are keen to hear from companies who want to make this happen.

Governance is one of the most understated topics in the â€˜open’ mobile industry today, yet one of the most fundamental in the direction where the industry will be taking.